Kaseya Community

Script or Agent Procedure to pull or find a specific registry Key

This question is answered

Hello all,

 

So I have been banging my head on setting up an agent procedure to search for a specific registry key on all our servers.  I was wondering if anyone has any insight or has an agent procedure or script setup already to do this?  Any insight or help in the matter would be greatly appreciated.  Thanks

Verified Answer
  • Hi Jose,

    The key you state above is incorrect (for instance you have HKEY_LOCAL....twice)...perhaps you accidentally did a double copy/paste ?

    You also may have keys & values confused....try to think of the Registry as Files and Folders by doing this.

    Think of Keys as folders

    Think of Values as files

    Think of Data as the contents of a file

    Keep in mind that Within Kaseya if you try to read the Data from a Value and it doesn't exist....you will get an error.

    So lets assume you want to get the version number of the VSS provider...do the following

    1. Create an IF statement that checks for the existence of the KEY first. i.e HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSS\Providers\{f782463b-33bb-4043-ad8d-60b728d26a6c}

    2. If the above step was TRUE.......THEN Create another IF statement that checks for the existence of the Value. i.e Version

    3. If the above step was TRUE ......THEN issue a Get Variable - Registry Value command which will read the contents of the Value

    Of course....if you only car if the KEY is present....then you dont need steps 2 or 3.

    Cheers

    Josh

All Replies
  • In the words from Number 5 from the movie Short Circuit (1986) "Need more input..."

  • You cant do a search of the registry for a key or value using a wildcard (if this is what you meant).

    i.e search for *microsoft*

    To test for a Value you must know the FULL path to the value and then read it.

    To do this you have 2 options

    1. Use the Step....Get Variable -- Registry Value / 64-bit Registry Value

    2. Use the IF --Check Registry Value / Check 64-bit Registry Value

    You cant read a key...only check if it exists.

    To test for a Key  you must know the FULL path and use the IF - Test Registry Key / Test 64-bit Registry Key

    Regards

    Josh

  • Josh,

    Thanks for your input and thank you for the clarification. I was on th right track from what I can see but I wanted to make sure.  I am basically trying to look for the registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSS\Providers\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSS\Providers\{f782463b-33bb-4043-ad8d-60b728d26a6c}

    The key above is the Acronis VSS provider key, so below is what I have so far and please correct me if I am wrong:

    1. get variable -- Registry Value( Now I have tried to use the Full Registry path above and just the registry value f782463b-33bb-4043-ad8d-60b728d26a6c

    In both cases I get an error stating that they are an error invalid parameter, so I guess that is where I am stuck, otherwise if I can figure out what I should put in as the Registry value I should be fine from there.  i am sorry I am novice when it comes to agent procedures and scripting, any help in the matter is greatly appreciated.  Thanks again

  • Hi Jose,

    The key you state above is incorrect (for instance you have HKEY_LOCAL....twice)...perhaps you accidentally did a double copy/paste ?

    You also may have keys & values confused....try to think of the Registry as Files and Folders by doing this.

    Think of Keys as folders

    Think of Values as files

    Think of Data as the contents of a file

    Keep in mind that Within Kaseya if you try to read the Data from a Value and it doesn't exist....you will get an error.

    So lets assume you want to get the version number of the VSS provider...do the following

    1. Create an IF statement that checks for the existence of the KEY first. i.e HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSS\Providers\{f782463b-33bb-4043-ad8d-60b728d26a6c}

    2. If the above step was TRUE.......THEN Create another IF statement that checks for the existence of the Value. i.e Version

    3. If the above step was TRUE ......THEN issue a Get Variable - Registry Value command which will read the contents of the Value

    Of course....if you only car if the KEY is present....then you dont need steps 2 or 3.

    Cheers

    Josh

  • Josh,

    Okay I finally got it and I appreiate the help, the one thing that work was the test registry key function, once that worked I was able to run other IF statements off that function or procedure.  I guess I was getting confused on the check registry value and get variable procedures, all along I should have the test registry key procedure.  But in any case my issue has been resolved and I thank you for your assistance in the matter,  Have a good evening.

  • Hi  joshua,

    Maybe you van help me with this.

    I want to create a procedure to write info in a custom field of the system info.

    I have the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\

    The name is TSAppCompat and the value is 1

    This is a TS registry for TS appmode.

    I`m breaking my brains over this (new into kaseya)

    community.kaseya.com/.../76682.aspx

    Thanks,

    Erik

  • Hello Erik,

    In our Kaseya installation we have an default procedure from Kaseya "Audit Server Roles". This procedure also reads registry keys (based in a batch file) to populate a custom system info field. Maybe you'll get some inspiration from this procedure.

    Groet,

    Jasper

  • Hi Jasper,

    Allready found the solution, i tried to much ifs and steps (newbe)

    The procedure that works is to check the registry value (IF) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\TSAppCompat is equal to 1 (STEP) Update system info (custom field terminal server App Mode) with the value TRUE

    Erik

    Where can i find the procedure you talking about ?

  • Jasper,

    Found the procedures and batch file.

    Thanks

  • Great Post guys.... Thanks,

    I need to add one more step to it. I am able to get value from registry. On the next step in need to use this value in next command.

    The command I am running is Get variable (HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\LastLoggedOnSAMUse

    Now I need output as %user name% in below command.

    executeshellcommand (net localgroup "Administrator" "%user name%" /ADD

    Please help me on this....

    Thanks

    H Rohal

  • Procedure NET - Current User as LocalAdmin (ADD).zip

    @H Rohal

    It looks like you are trying to write a script that add the current/last logged on user as a member of the local Administrators group, not to take away to joy of writing your own script but I have attached my own to this post for you to try if you want.

    You don't have to query the registry for the last logged on user as you can get this information out of Kaseya via Database Views;

    Current Logged in User Account Name   

    • #vAgentConfiguration.currentUser#

     

    Last Logged in User Account Name

    • #vAgentConfiguration.lastLoginName#

    Below is a link to another thread with some more information on the Database Views;

    http://community.kaseya.com/xsp/f/28/p/11666/57485.aspx#57485